
THAT WHICH IS CLAIMED: 

1. A method of controlling access to digital 
data in a file comprising: 

obtaining a passphrase from a user; 

generating a personal key based on the obtained 

5 passphrase; 

generating a file encryption key; 

encrypting the digital data in the file with the 
file encryption key to provide an encrypted file; 

encrypting the file encryption key with the 
10 personal key to provide an encrypted file encryption 

key; 

creating a file header containing the encrypted 
file encryption key; and 

associating the file header with the encrypted 

15 file. 

2. A method according to Claim 1, further 
comprising the step of storing the encrypted file at a 
file server. 

3. A method according to Claim 2, wherein the 
passphrase comprises a current passphrase and wherein 
the step of storing the encrypted file is followed by 

5 the steps of: 

obtaining the file header associated with the 
encrypted file stored at the file server; 

generating the personal key from the current 
passphrase associated with the file; 
10 decrypting the encrypted file encryption key with 

the personal key to provide a recovered file encryptio: 
key; 

generating a new personal key based on a new 
passphrase ; 
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15 encrypting the file encryption key with the new 

personal key to provide a new encrypted file encryption 
key ; 

creating a new file header containing the new 
encrypted file encryption key; and 
20 associating the new file header with the encrypted 

file stored at the file server. 

4. A method according to Claim 3, further 
comprising the step of storing the new file header 
associated with the encrypted file at the file server. 

5. A method according to Claim 4, wherein a 
plurality of files have corresponding associated file 
headers containing encrypted file encryption keys 
encrypted with a corresponding plurality of personal 

5 keys based on the passphrase, and wherein the step of 

obtaining the file header associated with the encrypted 
file comprises the step of retrieving the plurality of 
file headers associated with the encrypted files from 
the file server; 

10 wherein the step of generating the personal key 

from the current passphrase associated with the file 
comprises the step of generating the plurality of 
personal keys from the current passphrase associated 
with the plurality of files; 

15 wherein the step of decrypting the encrypted file 

encryption key with the personal key to provide a 
recovered file encryption key comprises the step of 
decrypting the plurality of encrypted file encryption 
keys with corresponding ones of the plurality of 

2 0 personal keys to provide a corresponding plurality of 

file encryption keys ; 

wherein the step of generating a new personal key 
based on the new passphrase comprises the step of 
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generating a plurality of new personal, keys based on 

2 5 the new passphrase; 

wherein the step of encrypting the file encryption 
key with the new personal key to provide a new 
encrypted file encryption key comprises the step of 
encrypting the plurality of file encryption keys with 

30 corresponding ones of the plurality of new personal 

keys to provide a plurality of new encrypted fxle 

encryption keys ; 

wherein the step of creating a new file header 
containing the new encrypted file encryption key 
35 comprises the step of creating a plurality of new fxle 

headers containing the new encrypted file encryption 
keys ; and 

wherein the step of storing the new file header 
associated with the file at the file server comprises 
40 the step of storing the plurality of new file headers 

associated with the plurality of files at the file 

server . 

6. A method according to Claim 5, wherein the 
plurality of files comprise all files stored at the 
file server associated with a user and having a file 
header with an encrypted file encryption key encrypted 

5 with a personal key derived from the current 

passphrase . 

7. A method according to Claim 2, wherein the 
step of storing the encrypted file is followed by the 

steps of: 

obtaining a passphrase to be utilized in 

5 decrypting the file; 

retrieving the encrypted file and the associated 

file header; 
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generating the personal key from the passphrase to 
be utilized in decrypting the file; 

decrypting the encrypted file encryption key with 
the personal key to provide a recovered file encryption 
key ; and 

decrypting the file with the recovered file 
encryption key. 

8. A method according to Claim 1, further 

comprising the steps of: 

obtaining a user identification associated with an 

owner of the file; 

obtaining a file identification associated with 

the file; and 

wherein the step of generating a personal key 
based on the obtained passphrase comprises the step of 
hashing the user identification, the passphrase and the 
file identification to provide the personal key. 

9. A method according to Claim 8, further 
comprising the step of storing the file and the 
associated file header at a file server. 

10. A method according to Claim 9, wherein the 
step of storing the file and the associated file header 
at a file server comprises the step of selectively 
storing the file and the file header based on a type of 
store requested by the user and an evaluation of 
whether an existing file and file header having the 
user identification and file identification are stored 
at the file server. 

11. A method according to Claim 1, further 
comprising the steps of: 

generating an integrity key; 
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generating a message authentication code based on 
5 digital data of the file utilizing the integrity key; 

wherein the step of encrypting the file encryption 
key with the personal key to provide an encrypted file 
encryption key comprises the. step of encrypting the 
file encryption key and the integrity key with the 
10 personal key to provide encrypted file encryption keys; 

and 

wherein the step of creating a file header 
containing the encrypted file encryption key comprises 
the step of creating a file header containing the 
15 encrypted file encryption keys and the message 

authentication code. 

12. A method according to Claim 11, further 
comprising the step of storing the encrypted file and 
the file header associated with the encrypted file at a 
file server. 

13. A method according to Claim 12, wherein the 
step of storing the encrypted file and the file header 
is followed by the steps of: 

obtaining a passphrase to be utilized in 
5 decrypting the file; 

retrieving the encrypted file and the associated 
file header from the file server; 

generating the personal key from the passphrase to 
be utilized in decrypting the file; 
10 decrypting the encrypted file encryption keys with 

the personal key to provide a recovered file encryption 
key and a recovered integrity key; 

decrypting the file with the recovered file 
encryption key; 
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hashing the recovered integrity Key with the 
decrypted file to provide a recovered message 

authentication code; 

obtaining the message authenticatron code from 

file header; and ^•^=^^on 

comparing the recovered message ^^^-"""""^^^^ 
code with the message authentication code from the frle 
heler to confirm that the decrypted file corresponds 
ZZ ^ile Which generated the message authentication 
code from the file header. 

14 A method according to Claim 11, further 

compr..in. the step of ^^^^^ ^z^-::::::^. 

with the integrity key to provide a varxfxcat 

Wherein the step of encrypting the file encryption 
.ey and the integrity key with the personal key to 
p/ovide encrypted file encryption keys comprises the 
step of encrypting the file encryption ^^Y, t^e 
integrity key and the verification value wxth the , 
mtegri y y encrypted file encryption 

personal key to provide the encryp 

keys . 

15 A method according to Claim 14, further 
•.•no the step of storing the encrypted file and 
comprising the step encrypted file at a 

the file header associated with the encryp 

file server. 

i-^ma-imlB, wherein the 
16 A method according to Claim lb, 

step of' storing the encrypted file and the file header 
is followed by the steps of: 

obtaining a passphrase to be utilized m 

decrypting the file; associated 
retrieving the encrypted file ana zn 

file header from the file server; 
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generating the personal key from the passphrase to 
be utilized in decrypting the file; 

decrypting the encrypted file encryption key wxth 
the personal key to provide a recovered file encryption 
key, a recovered integrity key and a recovered 
verification value; 

hashing the recovered file encryption key and the 
recovered integrity key to provide a hash value; 

comparing the hash value and the recovered 
verification value; and 

decrypting the file with the recovered file 
encryption key if the comparison of the hash value and 
the recovered verification value indicates that the 
values are equal . 

17. A method according to Claim 16, further 

comprising the steps of: 

hashing the recovered integrity key with the 
decrypted file to provide a recovered message 
authentication code; 

obtaining the message authentication code from the 

file header; and 

comparing the recovered message authentication 
code with the message authentication code from the fxle 
header to confirm that the decrypted file corresponds 
to the file which generated the message authentication 
code from the file header. 

18. A method according to Claim 1, further 

15 comprising the steps of: 

determining if a party other than an owner of the 
file is to have access to the file; 

obtaining a public key associated with the party 
other than the owner of the file if the party other 
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than the owner of the file is to have access to the 
file; 

encrypting the file encryption key with the 
public key of the party other than the owner of the 
file to provide a public key encrypted file encryption 
key if the party other than the owner of the file is to 
have access to the file; and 

incorporating the public key encrypted file 
encryption key in the header associated with the file 
if the party other than the owner of the file is to 
have access to the file. 

19 A method according to Claim 18, further 
comprising the step of storing the file header and the 
file at a file server. 

20. A method according to Claim 19, wherein the 
step of storing the file header and the file at the 
server is followed by the steps of: 

retrieving the file and the file header from the 

5 file server; 

obtaining a private key associated with the public 

key; 

decrypting the public key encrypted file 
encryption key with the private key to provide the file 

10 encryption key; and 

decrypting the file with the file encryption key. 

21. A method according to Claim 18, further 
comprising the steps of: 

generating an integrity key; 

generating a message authentication code based on 
5 digital data of the file utilizing the integrity key; 

wherein the step of encrypting the file encryption 
key with the personal key to provide an encrypted file 
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encryption key comprises the step of encrypting the 
file encryption key and the integrity key with the 
10 personal key to provide encrypted file encryption keys ; 

wherein the step of creating a file header 
containing the encrypted file encryption key comprises 
the step of creating a file header containing the 
encrypted file encryption keys and the message 
15 authentication code; 

wherein the step of encrypting the file encryption 
key with the public key of the party other than the 
owner of the file to provide a public key encrypted 
file encryption key if the party other than the owner 
20 of the file is to have access to the file comprises the 

step of encrypting the file encryption key and the 
integrity key with the public key to provide public key 
encrypted keys ; and 

wherein the step of incorporating the public key 
2 5 encrypted file encryption key in the file header 

associated with the file if the party other than the 
owner of the file is to have access to the file 
comprises the step of incorporating the public key 
encrypted keys in the file header. 

22. A method according to Claim 21, further 
comprising the step of storing the encrypted file and 
the file header associated with the encrypted file at a 
file server. 

23. A method according to Claim 22, wherein the 
step of storing the encrypted file and the file header 
is followed by the steps of : 

5 retrieving the encrypted file and the associated 

file header from the file server; 

obtaining a private key associated with public 

key; 
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decrypting the public key encrypted keys with the 
10 private key to provide a recovered file encryption key 

and a recovered integrity key; 

decrypting the file with the recovered file 

encryption key; 

hashing the recovered integrity key with the 
15 decrypted file to provide a recovered message 

authentication code; 

obtaining a message authentication code from the 

file header; and 

comparing the recovered message authentication 
20 code with the message authentication code from the file 

header to confirm that the decrypted file corresponds 
to the file which generated the message authentication 
code from the file header. 

24. A method according to Claim 22, wherein the 
public key comprises a current public key and wherein 
the step of storing the encrypted file and the file 
header is followed by the steps of : 
5 retrieving the file header associated with the 

encrypted file from the file server; 

generating the personal key from the passphrase 
associated with the file; 

decrypting the encrypted file encryption key with 
10 the personal key to provide a recovered file encryption 

key; 

obtaining a new public key; 

encrypting the file encryption key with the new 
public key to provide a new public key encrypted file 

15 encryption key; 

creating a new file header containing the new 
public key encrypted file encryption key; and 

storing the new file header associated with the 
file at the file server. 
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25. A method according to Claim 21, further 
comprising the step of hashing the file encryption key 
with the integrity key to provide a verification value; 
and 

5 wherein the step of encrypting the file encryption 

key and the integrity key with the public key to 
provide public key encrypted keys comprises the step of 
encrypting the file encryption key, the integrity key 
and the verification value with the public key to 
10 provide the public key encrypted keys. 

26. A method according to Claim 25, further 
comprising the step of storing the encrypted file and 
the file header associated with the encrypted file at a 
file server. 

27. A method according to Claim 26, wherein the 
step of storing the encrypted file and the file header 
is followed by the steps of: 

retrieving the encrypted file and the associated 
5 file header from the file server; 

obtaining a private key associated with the public 

key; 

decrypting the encrypted file encryption key with 
the private key to provide a recovered file encryption 
10 key, a recovered integrity key and a recovered 

verification value; 

hashing the recovered file encryption key and the 
recovered integrity key to provide a hash value; 

comparing the hash value and the recovered 
15 verification value; and 

decrypting the file with the recovered file 
encryption key if the comparison of the hash value and 
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the recovered verification value indicates that the 
values are equal . 

28. A method according to Claim 27, further 

comprising the steps of: 

hashing the recovered integrity key with the 
decrypted file to provide a recovered message 
authentication code; 

obtaining a message authentication code from the 

file header; and 

comparing the recovered message authentication 
code with the message authentication code from the file 
header to confirm that the decrypted file corresponds 
to the file which generated the message authentication 
code from the file header. 

/(^2^ A system for controlling access to digital 
data in a file comprising: 

means for obtaining a passphrase from a user; 
means for generating a personal key based on the 

obtained passphrase; 

means for generating a file encryption key; 

means for encrypting the digital data in the file 
with the file encryption key to provide an encrypted 

means for encrypting the file encryption key with 

the personal key to provide an encrypted file 

encryption key; 

means for creating a file header containing the 

encrypted file encryption key; and 

means for associating the file header with the 

encrypted file. 
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30. A system according to Claim 29, further 
comprising means for storing the encrypted file at a 
file server. 

31. A system according to Claim 30, wherein the 
passphrase comprises a current passphrase, the system 
further comprising: 

means for obtaining the file header associated 
5 with the encrypted file stored at the file server; 

means for generating the personal key from the 
current passphrase associated with the file; 

means for decrypting the encrypted file encryption 
key with the personal key to provide a recovered file 
10 encryption key; 

means for generating a new personal key based on a 

new passphrase; 

means for encrypting the file encryption key with 
the new personal key to provide a new encrypted file 
15 encryption key; 

means for creating a new file header containing 
the new encrypted file encryption key; and 

means for associating the new file header with the 
encrypted file stored at the file server. 

32. A system according to Claim 31, further 
comprising means for storing the new file header 
associated with the encrypted file at the file server. 

33. A system according to Claim 32, wherein a 
plurality of files have corresponding associated file 
headers containing encrypted file encryption keys 
encrypted with a corresponding plurality of personal 

5 keys based on the passphrase, and wherein the means for 

obtaining the file header associated with the encrypted 
file comprises means for retrieving the plurality of 
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file headers associated with the encrypted files from 
the file server,- 

10 wherein the means for generating the personal key 

from the current passphrase associated with the file 
comprises means for generating the plurality of 
personal keys from the current passphrase associated 
with the plurality of files; 
15 wherein the means for decrypting the encrypted 

file encryption key with the personal key to provide a 
recovered file encryption key comprises means for 
decrypting the plurality of encrypted file encryption 
keys with corresponding ones of the plurality of 
2 0 personal keys to provide a corresponding plurality of 

file encryption keys; 

wherein the means for generating a new personal 
key based on the new passphrase comprises means for 
generating a plurality of new personal keys based on 
2 5 the new passphrase; 

wherein the means for encrypting the file 
encryption key with the new personal key to provide a 
new encrypted file encryption key comprises means for 
encrypting the plurality of file encryption keys with 
corresponding ones of the plurality of new personal 
keys to provide a plurality of new encrypted file 
encryption keys; 

wherein the means for creating a new file header 
containing the new encrypted file encryption key 
35 comprises means for creating a plurality of new file 

headers containing the new encrypted file encryption 
keys ; and 

wherein the means for storing the new file header 
associated with the file at the file server comprises 
40 means for storing the plurality of new file headers 

associated with the plurality of files at the file 
server . 
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34. A system according to Claim 33, wherein the 
plurality of files comprise all files stored at the 
file server associated with a user and having a file 
header with an encrypted file encryption key encrypted 
with a personal key derived from the current 
passphrase . 

35. A system according to Claim 30, further 
comprising : 

means for obtaining a passphrase to be utilized in 
decrypting the file; 

means for retrieving the encrypted file and the 
associated file header; 

means for generating the personal key from the 
passphrase to be utilized in decrypting the file; 

means for decrypting the encrypted file encryption 
key with the personal key to provide a recovered file 
encryption key; and 

means for decrypting the file with the recovered 
file encryption key. 

36. A system according to Claim 29, further 
comprising : 

means for obtaining a user identification 
associated with an owner of the file; 

means for obtaining a file identification 
associated with the file; and 

wherein the means for generating a personal key 
based on the obtained passphrase comprises means for 
hashing the user identification, the passphrase and the 
file identification to provide the personal key. 
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37. A system according to Claim 36, further 
comprising means for storing the file and the 
associated file header at a file server. 

38. A system according to Claim 37, wherein the 
means for storing the file and the associated file 
header at a file server comprises means for selectively 
storing the file and the file header based on a type of 

5 store requested by the user and an evaluation of 

whether an existing file and file header having the 
user identification and file identification are stored 
at the file server. 

39. A system according to Claim 29, further 
comprising : 

means for generating an integrity key; 
means for generating a message authentication code 
based on digital data of the file utilizing the 
integrity key; 

wherein the means for encrypting the file 
encryption key with the personal key to provide an 
encrypted file encryption key comprises means for 
encrypting the file encryption key and the integrity 
key with the personal key to provide encrypted file 
encryption keys ; and 

wherein the means for creating a file header 
containing the encrypted file encryption key comprises 
means for creating a file header containing the 
encrypted file encryption keys and the message 
authentication code . 

40. A system according to Claim 39, further 
comprising means for storing the encrypted file and the 
file header associated with the encrypted file at a 
file server. 
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41. A system according to Claim 40, further 
comprising : 

means for obtaining a passphrase to be utilized in 

decrypting the file; 

means for retrieving the encrypted file and the 
associated file header from the file server; 

means for generating the personal key from the 
passphrase to be utilized in decrypting the file; 

means for decrypting the encrypted file encryption 
keys with the personal key to provide a recovered file 
encryption key and a recovered integrity key; 

means for decrypting the file with the recovered 

file encryption key; 

means for hashing the recovered integrity key with 
the decrypted file to provide a recovered message 
authentication code; 

means for obtaining the message authentication 

code from the file header; and 

means for comparing the recovered message 
authentication code with the message authentication 
code from the file header to confirm that the decrypted 
file corresponds to the file which generated the 
message authentication code from the file header. 

42. A system according to Claim 39, further 
comprising means for hashing the file encryption key 
with the integrity key to provide a verification value; 
and 

wherein the means for encrypting the file 
encryption key and the integrity key with the personal 
key to provide encrypted file encryption keys comprises 
means for encrypting the file encryption key, the 
integrity key and the verification value with the 
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personal key to provide the encrypted file encryption 
keys . 

43 A system according to Claim 42, further 
comprising means for storing the encrypted file and the 
file header associated with the encrypted file at a 
file server. 



44 



A system according to Claim 43, further 



comprising: , 
means for obtaining a passphrase to be utilized xn 

decrypting the file; 

means for retrieving the encrypted file and the 
associated file header from the file server; 

means for generating the personal key from the 
passphrase to be utilized in decrypting the file; 

means for decrypting the encrypted file encryption 
key with the personal key to provide a recovered file 
encryption key, a recovered integrity key and a 
recovered verification value; 

means for hashing the recovered file encryption 
key and the recovered integrity key to provide a hash 

15 value; 

means for comparing the hash value and the 

recovered verification value; and 

means for decrypting the file with the recovered 
file encryption key if the comparison of the hash value 
and the recovered verification value indicates that the 
values are equal . 

45. A system according to Claim 44, further 
comprising: 

means for hashing the recovered integrity key with 
the decrypted file to provide a recovered message 
; authentication code; 

-52- 
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means for obtaining the message authentication 
code from the file header; and 

means for comparing the recovered message 
authentication code with the message authentication 
code from the file header to confirm that the decrypted 
file corresponds to the file which generated the 
message authentication code from the file header. 

46. A system according to Claim 29, further 
comprising : 

means for determining if a party other than an 
owner of the file is to have access to the file; 

means for obtaining a public key associated with 
the party other than the owner of the file if the party 
other than the owner of the file is to have access to 
the file; 

means for encrypting the file encryption key with 
the public key of the party other than the owner of the 
file to provide a public key encrypted file encryption 
key if the party other than the owner of the file is to 
have access to the file; and 

means for incorporating the public key encrypted 
file encryption key in the header associated with the 
file if the party other than the owner of the file is 
to have access to the file. 

47. A system according to Claim 46, further 
comprising means for storing the file header and the 
file at a file server. 

48. A system according to Claim 47, further 
comprising : 

means for retrieving the file and the file header 
from the file server; 
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5 means for obtaining a private key associated with 

the public key; 

means for decrypting the public key encrypted file 
encryption key with the private key to provide the file 
encryption key; and 
LO means for decrypting the file with the file 

encryption key. 

49. A system according to Claim 46, further 
comprising : 

means for generating an integrity key; 
means for generating a message authentication code 
5 based on digital data of the file utilizing the 

integrity key; 

wherein the means for encrypting the file 
encryption key with the personal key to provide an 
encrypted file encryption key comprises the step of 
10 encrypting the file encryption key and the integrity 

key with the personal key to provide encrypted file 
encryption keys; 

wherein the means for creating a file header 
containing the encrypted file encryption key comprises 
15 means for creating a file header containing the 

encrypted file encryption keys and the message 
authentication code; 

wherein the means for encrypting the file 
encryption key with the public key of the party other 
20 than the owner of the file to provide a public key 

encrypted file encryption key if the party other than 
the owner of the file is to have access to the file 
comprises means for encrypting the file encryption key 
and the integrity key with the public key to provide 
2 5 public key encrypted keys; and 

wherein the means for incorporating the public key 
encrypted file encryption key in the file header 
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associated with the file if the party other- than the 
owner of the file is to have access to the file 
comprises means for incorporating the public key 
encrypted keys in the file header. 

50. A system according to Claim 49, further 
comprising means for storing the encrypted file and the 
file header associated with the encrypted file at a 
file server. 

51. A system according to Claim 50, further 
comprising : 

means for retrieving the encrypted file and the 
associated file header from the file server; 

means for obtaining a private key associated with 

public key; 

means for decrypting the public key encrypted keys 
with the private key to provide a recovered file 
encryption key and a recovered integrity key; 

means for decrypting the file with the recovered 

file encryption key; 

means for hashing the recovered integrity key with 
the decrypted file to provide a recovered message 
authentication code; 

means for obtaining a message authentication code 

from the file header; and 

means for comparing the recovered message 
authentication code with the message authentication 
code from the file header to confirm that the decrypted 
file corresponds to the file which generated the 
message authentication code from the file header. 

52. A system according to Claim 50, wherein the 
public key comprises a current public key, the syst 
further comprising: 



em 
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means for retrieving the file header associated 
5 with the encrypted file from the file server; 

means for generating the personal key from the 
passphrase associated with the file; 

means for decrypting the encrypted file encryptxon 
key with the personal key to provide a recovered file 

10 encryption key; 

means for obtaining a new public key; 
means for encrypting the file encryption key with 
the new public key to provide a new public key 
encrypted file encryption key; 

means for creating a new file header containing 
the new public key encrypted file encryption key; and 
means for storing the new file header associated 
with the file at the file server. 

53. A system according to Claim 49, further 
comprising means for hashing the file encryption key 
with the integrity key to provide a verification value; 
and 

5 wherein the means for encrypting the file 

encryption key and the integrity key with the public 
key to provide public key encrypted keys comprises 
means for encrypting the file encryption key, the 
integrity key and the verification value with the 
10 public key to provide the public key encrypted keys. 

54 A system according to Claim 53, further 
comprising means for storing the encrypted file and the 
file header associated with the encrypted file at a 
file server. 

55. A system according to Claim 54, further 
comprising : 
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means for retrieving the encrypted file and the 
associated file header from the file server; 
5 means for obtaining a private key associated with 

the public key; 

means for decrypting the encrypted file encryption 
key with the private key to provide a recovered file 
encryption key, a recovered integrity key and a 
10 recovered verification value; 

means for hashing the recovered file encryption 
key and the recovered integrity key to provide a hash 
value ; 

means for comparing the hash value and the 
15 recovered verification value; and 

means for decrypting the file with the recovered 
file encryption key if the comparison of the hash value 
and the recovered verification value indicates that the 
values are equal . 

56. A system according to Claim 55, further 
comprising : 

means for hashing the recovered integrity key with 
the decrypted file to provide a recovered message 
5 authentication code; 

means for obtaining a message authentication code 
from the file header; and 

means for comparing the recovered message 
authentication code with the message authentication 
10 code from the file header to confirm that the decrypted 

file corresponds to the file which generated the 
message authentication code from the file header. 

57. A computer program product for controlling 
15 access to digital data in a file comprising: 
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a computer readable storage medium having computer 
readable program code embodied therein, the computer 
readable program code comprising: 

computer readable program code which obtains a 
2 0 passphrase from a user; 

computer readable program code which generates a 
personal key based on the obtained passphrase; 

computer readable program code which generates a 
file encryption key; 
2 5 computer readable program code which encrypts the 

digital data in the file with the file encryption key 
to provide an encrypted file; 

computer readable program code which encrypts the 
file encryption key with the personal key to provide an 
30 encrypted file encryption key; 

computer readable program code which creates a 
file header containing the encrypted file encryption 
key ; and 

computer readable program code which associates 
35 the file header with the encrypted file. 



58. A computer program product according to Claim 

57, further comprising computer readable program code 
which stores the encrypted file at a file server. 

59. A computer program product according to Claim 

58, wherein the passphrase comprises a current 
passphrase, the computer program product further- 
comprising : 

5 computer readable program code which obtains the 

file header associated with the encrypted file stored 
at the file server; 

computer readable program code which generates the 
personal key from the current passphrase associated 
10 with the file; 
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computer readable program code which decrypts the 
encrypted file encryption key with the personal key to 
provide a recovered file encryption key; 

computer readable program code which generates a 
15 new personal key based on a new passphrase; 

computer readable program code which encrypts the 
file encryption key with the new personal key to 
provide a new encrypted file encryption key; 

computer readable program code which creates a new 
20 file header containing the new encrypted file 

encryption key; and 

computer readable program code which associates 
the new file header with the encrypted file stored at 
the file server . 

60. A computer program product according to Claim 

59, further comprising computer readable program code 
which stores the new file header associated with the 
encrypted file at the file server. 

61. A computer program product according to Claim 

60, wherein a plurality of files have corresponding 
associated file headers containing encrypted file 
encryption keys encrypted with a corresponding 

5 plurality of personal keys based on the passphrase, and 

wherein the computer readable program code which 
obtains the file header associated with the encrypted 
file comprises computer readable program code which 
retrieves the plurality of file headers associated with 
10 the encrypted files from the file server; 

wherein the computer readable program code which 
generates the personal key from the current passphrase 
associated with the file comprises computer readable 
program code which generates the plurality of personal 
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keys from the current passphrase associated with the 
plurality of files; 

wherein the computer readable program code which 
decrypts the encrypted file encryption key with the 
personal key to provide a recovered file encryption key 
comprises computer readable program code which decrypts 
the plurality of encrypted file encryption keys with 
corresponding ones of the plurality of personal keys to 
provide a corresponding plurality of file encryption 
keys ; 

wherein the computer readable program code which 
generates a new personal key based on the new 
passphrase comprises computer readable program code 
which generates a plurality of new personal keys based 
on the new passphrase; 

wherein the computer readable program code which 
encrypts the file encryption key with the new personal 
key to provide a new encrypted file encryption key 
comprises computer readable program code which encrypts 
the plurality of file encryption keys with 
corresponding ones of the plurality of new personal 
keys to provide a plurality of new encrypted file 

encryption keys; 

wherein the computer readable program code which 
creates a new file header containing the new encrypted 
file encryption key comprises computer readable program 
code which creates a plurality of new file headers 
containing the new encrypted file encryption keys; and 

wherein the computer readable program code which 
stores the new file header associated with the file at 
the file server comprises computer readable program 
code which stores the plurality of new file headers 
associated with the plurality of files at the file 
server , 
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62 . A computer program product according to Claim 
61, wherein the plurality of files comprise all files 
stored at the file server associated with a user and 
having a file header with an encrypted file encryption 
5 key encrypted with a personal key derived from the 

current passphrase . 



63 , A computer program product according to Claim 
58 , further comprising : 

computer readable program code which obtains a 
passphrase to be utilized in decrypting the file; 
5 computer readable program code which retrieves the 

encrypted file and the associated file header; 

computer readable program code which generates the 
personal key from the passphrase to be utilized in 
decrypting the file; 
10 computer readable program code which decrypts the 

encrypted file encryption key with the personal key to 
provide a recovered file encryption key; and 

computer readable program code which decrypts the 
file with the recovered file encryption key. 

64 . A computer program product according to Claim 
57, further comprising: 

computer readable program code which obtains a 
user identification associated with an owner of the 
5 file; 

computer readable program code which obtains a 
file identification associated with the file; and 

wherein the computer readable program code which 
generates a personal key based on the obtained 
10 passphrase comprises computer readable program code 

which hashes the user identification, the passphrase 
and the file identification to provide the personal 
key . 
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65. A computer program product according to Claim 

64, further comprising computer readable program code 
which stores the file and the associated file header at. 
a file server. 

66. A computer program product according to Claim 

65, wherein the computer readable program code which 
stores the file and the associated file header at a 
file server comprises computer readable program code 

5 which selectively stores the file and the file header 

based on a type of store requested by the user and an 
evaluation of whether an existing file and file header 
having the user identification and file identification 
are stored at the file server. 

67. A computer program product according to Claim 
57, further comprising: 

computer readable program code which generates an 
integrity key; 

5 computer readable program code which generates a 

message authentication code based on digital data of 
the file utilizing the integrity key; 

wherein the computer readable program code which 
encrypts the file encryption key with the personal key 

10 to provide an encrypted file encryption key comprises 

computer readable program code which encrypts the file 
encryption key and the integrity key with the personal 
key to provide encrypted file encryption keys; and 

wherein the computer readable program code which 

15 creates a file header containing the encrypted file 

encryption key comprises computer readable program code 
which creates a file header containing the encrypted 
file encryption keys and the message authentication 
code . 
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68. A computer program product according to Claim 

67, further comprising computer readable program code 
which stores the encrypted file and the file header 
associated with the encrypted file at a file server. 

69. A computer program product according to Claim 

68, further comprising: 

computer readable program code which obtains a 
passphrase to be utilized in decrypting the file; 
5 computer readable program code which retrieves the 

encrypted file and the associated file header from the 
file server; 

computer readable program code which generates the 
personal key from the passphrase to be utilized in 
10 decrypting the file; 

computer readable program code which decrypts the 
encrypted file encryption keys with the personal key to 
provide a recovered file encryption key and a recovered 
integrity key; 

15 computer readable program code which decrypts the 

file with the recovered file encryption key; 

computer readable program code which hashes the 
recovered integrity key with the decrypted file to 
provide a recovered message authentication code; 

2 0 computer readable program code which obtains the 

message authentication code from the file header; and 

computer readable program code which compares the 
recovered message authentication code with the message 
authentication code from the file header to confirm 

25 that the decrypted file corresponds to the file which 

generated the message authentication code from the file 
header . 
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70. A computer program product according to Claim 
67, further comprising computer readable program code 
which hashes the file encryption key with the integrity 
key to provide a^ verification value; and 

5 wherein the computer readable program code which 

encrypts the file encryption key and the integrity key 
with the personal key to provide encrypted file 
encryption keys comprises computer readable program 
code which encrypts the file encryption key, the 
10 integrity key and the verification value with the 

personal key to provide the encrypted file encryption 
keys . 

71. A computer program product according to Claim 
70, further comprising computer readable program code 
which stores the encrypted file and the file header 
associated with the encrypted file at a file server. 



72. A computer program product according to Claim 
71 , further comprising : 

computer readable program code which obtains a 
passphrase to be utilized in decrypting the file; 
5 computer readable program code which retrieves the 

encrypted file and the associated file header from the 
file server; 

computer readable program code which generates the 
personal key from the passphrase to be utilized in 

10 decrypting the file; 

computer readable program code which decrypts the 
encrypted file encryption key with the personal key to 
provide a recovered file encryption key, a recovered 
integrity key and a recovered verification value; 

15 computer readable program code which hashes the 

recovered file encryption key and the recovered 
integrity key to provide a hash value; 
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computer readable program code which compares the 
hash value and the recovered verification value; and 

computer readable program code which decrypts the 
file with the recovered file encryption key if the 
comparison of the hash value and the recovered 
verification value indicates that the values are equal. 



73 . A computer program product according to Claim 
72, further comprising: 

computer readable program code which hashes the 
recovered integrity key with the decrypted file to 
5 provide a recovered message authentication code; 

computer readable program code which obtains the 
message authentication code from the file header; and 

computer readable program code which compares the 
recovered message authentication code with the message 
10 authentication code from the file header to confirm 

that the decrypted file corresponds to the file which 
generated the message authentication code from the file 
header . 

74 . A computer program product according to Claim 
57, further comprising: 

computer readable program code which 
determinesdetermining if a party other than an owner of 
5 the file is to have access to the file; 

computer readable program code which obtains a 
public key associated with the party other than the 
owner of the file if the party other than the owner of 
the file is to have access to the file; 
10 computer readable program code which encrypts the 

file encryption key with the public key of the party 
other than the owner of the file to provide a public 
key encrypted file encryption key if the party other 
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than the owner of the file is to have access to the 

15 file; and 

computer readable program code which incorporates 
incorporating the public key encrypted file encryption 
key in the header associated with the file if the party 
other than the owner of the file is to have access to 

20 the file. 

75. A computer program product according to Claim 
74, further comprising computer readable program code 
which stores the file header and the file at a file 



10 



10 



server . 
76 



A computer program product according to Claim 

75, further comprising: 

computer readable program code which retrieves the 
file and the file header from the file server; 

computer readable program code which obtains a 
private key associated with the public key; 

computer readable program code which decrypts the 
public key encrypted file encryption key with the 
private key to provide the file encryption key; and 

computer readable program code which decrypts the 
file with the file encryption key. 

A computer program product according to Claim 



77 . 



74, further comprising: 

computer readable program code which generates an 

integrity key; 

computer readable program code which generates a 
message authentication code based on digital data of 
the file utilizing the integrity key; 

wherein the computer readable program code which 
encrypts the file encryption key with the personal key 
to provide an encrypted file encryption key comprises 

- 6 6 - 
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the step of encrypting the file encryption key and the 
integrity key with the personal key to provide 
encrypted file encryption keys; 

wherein the computer readable program code wh.ch 
creates a file header containing the encrypted file 
encryption key comprises computer readable program code 
which creates a file header containing the encrypted 
file encryption keys and the message authentication 
cods * 

'wherein the computer readable program code which 
encrypts the file encryption key with the public key of 
the party other than the owner of the file to provide a 
public key encrypted file encryption key if the party 
other than the owner of the file is to have access to 
the file comprises computer readable program code which 
encrypts the file encryption key and the integrity key 
with the public key to provide public key encrypted 

keys ; and . ■ v, 

wherein the computer readable program code whxch 
incorporates the public key encrypted file encryption 
key in the file header associated with the file xf the 
party other than the owner of the file is to have 
access to the file comprises computer readable program 
code which incorporates the public key encrypted keys 
35 in the file header. 

78 A computer program product according to Claim 
77 further comprising computer readable program code 
which stores the encrypted file and the frle header 
associated with the encrypted file at a file server. 

79. A computer program product according to Claim 
78, further comprising: 
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computer readable program code which retrieves the 
encrypted file and the associated file header from the 
file server; 

computer readable program code which obtains a 
private key associated with public key; 

computer readable program code which decrypts the 
public key encrypted keys with the private key to 
provide a recovered file encryption key and a recovered 

integrity key; 

computer readable program code which decrypts the 
file with the recovered file encryption key; 

computer readable program code which hashes the 
recovered integrity key with the decrypted file to 
provide a recovered message authentication code; 

computer readable program code which obtains a 
message authentication code from the file header; and 

computer readable program code which compares the 
recovered message authentication code with the message 
authentication code from the file header to confirm 
that the decrypted file corresponds to the file which 
generated the message authentication code from the file 
header . 

80. A computer program product according to Claim 
78, wherein the public key comprises a current public 
key, the computer program product further comprising: 

computer readable program code which retrieves the 
file header associated with the encrypted file from the 
file server; 

computer readable program code which generates the 
personal key from the passphrase associated with the 
file; 

computer readable program code which decrypts the 
encrypted file encryption key with the personal key to 
provide a recovered file encryption key; 

- 6 8 - 
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computer reaaable pro^ra. code wMch obtain, a new 

''"""Connie. .ea.ab.e p.o..a. co.e wnic. en^ 
.i.e encryption .ey witb t.e new pnbUc .ey to prov.de 
, ,ew public Key encrypted file ^ 
conputer readable program code whxch - 
£ile header containing the new public Hey encrypted 
file encryption key,- and the 

computer readable program code wb.ch ^""^ 
new file header associated with the f.le at the f.le 

server . 

3, A computer program product according to Claim 
„ fnr;her comprising computer readable P"3"";°^; 
Ilch hashes the file encryption key with the rntegr.ty 
•^^ ^rf-T-if ication value; and 
re:: : th: :::puter readable program code which 
encrypts the file encryption key and the integrrty key 
with the public key to provide public key encrypted 
le s comprises counter readable J-^^f^ 

. file encryption key, the integrity Key a 

encrypts the file encryp kh kev to provide 

the verification value with the public key 
the public key encrypted Keys. 

8, computer program product according to Claim 

S, further comprising computer readable program code 

Ic^stores the encrypted file and the file ea^er 
associated with the encrypted file at a file server 

33. computer program product according to Claim 

"::::errara::r program coae Which retrieves the 
encryptTd file and the associated file header from the 

file server; 
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computer readable program code which obtains a 
private key associated with the public key; 

computer readable program code which decrypts the 
encrypted file encryption key with the private key to 
provide a recovered file encryption key, a recovered 
integrity key and a recovered verification value; 

computer readable program code which hashes the 
recovered file encryption key and the recovered 
integrity key to provide a hash value; 

computer readable program code which compares the 
hash value and the recovered verification value; and 

computer readable program code which decrypts the 
file with the recovered file encryption key if the 
comparison of the hash value and the recovered 
verification value indicates that the values are equal. 

84. A computer program product according to Claim 
83, further comprising: 

computer readable program code which hashes the 
recovered integrity key with the decrypted file to 
provide a recovered message authentication code; 

computer readable program code which obtains a 
message authentication code from the file header; and 

computer readable program code which compares the 
recovered message authentication code with the message 
authentication code from the file header to confirm 
that the decrypted file corresponds to the file which 
generated the message authentication code from the file 
header. 
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